l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2003 Feb 05 16:15

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] can't open display with ssh2
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] can't open display with ssh2



I dont want to sound cruel, or assume you have not checked these, but want
to offer these as a first stop in case you have not...

Check out the "sshd_config" file on the machine to which you are
connecting and the "ssh_config" file from the machine you are running the
ssh command.

check out man pages:
$ man sshd_config
$ man ssh_config
and examine options like UseLogin, X11Forwarding, X11UseLocalhost (in
sshd_config file) and ForwardX11 (in ssh_config).

I expect the problems you find are probably in config of one of these.

Certainly, I could try to answer with the "why" for eahc of these, but I
would just be copying and pasting stuff from these pages with side
comments.

If you have done these, and forced the ssh service on the end to re-read
its config (by restarting the service, or other means) then please let us
know so that we can provide other ideas...

HTH

-ME


-- 
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ PGP++
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html
  Campus IT(/OS Security): Operating Systems Support Specialist Assistant


Robin Snyder said:
> I'm unable to forward X despite the fact that I used the -X option with
> ssh and ForwardX11 is set to yes in ssh_config on the remote machine (on
> both machines, actually).  I get the error message
>
> Error: Can't open display:
>
> which evidently means that ssh2 has failed to perform its usual magic in
> setting up the display.  A wander through google has comforted me with
> the realization that I am not alone in having this problem, although it
> has not given me any answers.  Any idea what's happening?  I saw nothing
> obviously amiss in the output of ssh -v, but will append the output
> below in case others see problems I missed.
>
> 			- robin.
>
> OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0, OpenSSL
> 0x0090603f debug1: Rhosts Authentication disabled, originating port will
> not be trusted. debug1: ssh_connect: needpriv 0
> debug1: Connecting to 169.237.66.192 [169.237.66.192] port 22.
> debug1: Connection established.
> debug1: identity file /home/robin/.ssh/identity type -1
> debug1: identity file /home/robin/.ssh/id_rsa type -1
> debug1: identity file /home/robin/.ssh/id_dsa type 2
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_3.4p1 Debian 1:3.4p1-1 debug1: match: OpenSSH_3.4p1 Debian
> 1:3.4p1-1 pat OpenSSH*
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 138/256
> debug1: bits set: 1622/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host '169.237.66.192' is known and matches the RSA host key.
> debug1: Found key in /home/robin/.ssh/known_hosts:17
> debug1: bits set: 1531/3191
> debug1: ssh_rsa_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive debug1: next auth method to try
> is publickey
> debug1: try privkey: /home/robin/.ssh/identity
> debug1: try privkey: /home/robin/.ssh/id_rsa
> debug1: try pubkey: /home/robin/.ssh/id_dsa
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive debug1: next auth method to try
> is keyboard-interactive
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive debug1: next auth method to try
> is password
> debug1: ssh-userauth2 successful: method password
> debug1: fd 5 setting O_NONBLOCK
> debug1: channel 0: new [client-session]
> debug1: send channel open 0
> debug1: Entering interactive session.
> debug1: ssh_session2_setup: id 0
> debug1: channel request 0: pty-req
> debug1: Requesting X11 forwarding with authentication spoofing.
> debug1: channel request 0: x11-req
> debug1: channel request 0: shell
> debug1: fd 3 setting TCP_NODELAY
> debug1: channel 0: open confirm rwindow 0 rmax 32768
> Linux munin 2.4.17-k7 #2 Sat Dec 22 22:03:49 EST 2001 i686 unknown
>
> Most of the programs included with the Debian GNU/Linux system are
> freely redistributable; the exact distribution terms for each program
> are described in the individual files in /usr/share/doc/*/copyright
>
> Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
> permitted by applicable law.
> Last login: Wed Feb  5 09:37:37 2003 from dcn243-52.dcn.davis.ca.us
>  [4mmunin [24m: [1m~ [0m>
>  [4mmunin [24m: [1m~ [0m> xclock
> Error: Can't open display:
>  [4mmunin [24m: [1m~ [0m> byedebug1: client_input_channel_req: channel 0
> rtype exit-status reply 0
>
> debug1: channel 0: rcvd eof
> debug1: channel 0: output open -> drain
> debug1: channel 0: obuf empty
> debug1: channel 0: close_write
> debug1: channel 0: output drain -> closed
> debug1: channel 0: rcvd close
> debug1: channel 0: close_read
> debug1: channel 0: input open -> closed
> debug1: channel 0: almost dead
> debug1: channel 0: gc: notify user
> debug1: channel 0: gc: user detached
> debug1: channel 0: send close
> debug1: channel 0: is dead
> debug1: channel 0: garbage collecting
> debug1: channel_free: channel 0: client-session, nchannels 1
> debug1: fd 1 clearing O_NONBLOCK
> Connection to 169.237.66.192 closed.
> debug1: Transferred: stdin 0, stdout 0, stderr 38 bytes in 17.3 seconds
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 2.2
> debug1: Exit status 0
>
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech



_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!